package com.sqllog.admin.auth.process;


import com.sqllog.admin.auth.domain.User;
import com.sqllog.admin.auth.session.SecureSessionService;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
public class SecureRememberMeHandler implements AuthenticationSuccessHandler {

    @Resource
    private SessionRegistry sessionRegistry;

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication){
        User currentUser = (User) authentication.getPrincipal();
        request.getSession().setAttribute("currentUser", currentUser);
        SecureSessionService.expiredSession(request, sessionRegistry);
        // 注册新的SessionInformation
        sessionRegistry.registerNewSession(request.getSession().getId(), authentication.getPrincipal());
    }
}
